Avaya Configuring Data Encryption Services Manuel d'utilisateur télécharger pdf (Page 21)

Data Encryption Overview

117386-B Rev 00

1-5

Figure 1-1. Hierarchy of Encryption Keys

The keys are the:

• Node Protection Key (NPK). It encrypts the LTSS.

• Long-Term Shared Secret (LTSS). It is the source for the Master Encryption

Key.

• Master Encryption Key (MEK). It encrypts the Traffic Encryption Key.

• Traffic Encryption Key (TEK). The TEK encrypts the data that travels across

the network.

Random Number Generator (RNG)

The Bay Networks key management software uses an RNG in Site Manager to

generate values for the keys. These values are statistically random. An RNG uses

as its source a seed that you supply. For instructions, see “Creating Seeds” on

page 3-2.

Site Manager also uses its RNG to generate NPKs, and LTSSs.

The router software uses the RNG to generate TEKs.

WEP0001A

Billerica: NPK

Santa Clara: NPK

Billerica-SC: LTSS

Billerica-NY: LTSS

.....

FR or PPP

Site Manager

Santa Clara

Billerica

NPK

LTSS

TEK Data

MEK=(LTSS , TIME)

1 2 ... 16 17 18 19 20 21 22 23 24 25 26 ... 69 70

Pas de commentaire

Avaya Configuring Data Encryption Services Manuel d'utilisateur Page 21